My Neighbour

[will-wtf]

Well..

I didn't mind at all when he would just borrow my internet for a little while and use it to check his emails, google lawnmovers and maybe read the news. But now he has appeared to understand what torrents are, as the internet cost has doubled, and apparently there was a letter from BT (which I am skeptical about *sigh*)

To cut a long story short I have been told to do something about it, but dn't really want to do anything serious like add wpa-psk, or block torrents. I just want to screw around with jasager and see where it goes. So my initial thought was to turn off the wireless and just leave the FON running so there is no choice, and run upside-down-ternet for a laugh but I haven't got a clue what to do :)

If someone can please tell me what I should do to get that working it would be awesome

Thanks

[digininja]

First, protect your network, leaving your wifi open is asking for trouble, imagine if your neighbour starts surfing child porn or something bad like that, it is all coming from your IP, you will be the one investigated.

If you still then want to mess with him then you can put up a second AP for him to connect to and make sure you control what is going through it. To do this you don't need Jasager just a normal AP, easiest way is to hook it up to a second wired NIC on a machine and set up ICS through Linux, you are then in the middle and so can run apps to modify the network traffic. There are a few guides in the forum on setting up Linux ICS and I think some of the GUI based distros even have it as a point and click so that should be OK to setup.

[Encrypted_Soldier]

Yeah the first step should be to secure your network. Then you can do whatever you want.

Also how do you set up ICS in Linux because I cannot set it up in windows I do not have the option for some reason.

[digininja]

Go through this forum, there are a few threads on setting up ICS. Basically setup a bridge with

brctl addbr br0

then add interfaces to it

brctl addif br0 eth0

brctl addif br0 <second interface>

Then enable forwarding by

echo 1 > /proc/sys/net/ipv4/ip_forward

That is about it

[aeiah]

get a decent router and set up some firewall rules. just block anything that isnt port 80 and 443 that's from a MAC that isnt yours. if he's crafty enough to clone your MAC then arp poison and sslstrip him and get his passwords, send him an email from his own email address and as soon as he checks it, disconnect him :P

i did the latter to someone who hacked my WEP once. it was quite amusing to look at wireshark and see him frantically logging into things to change passwords, then i left him dangling by changing to WPA before he had a chance to change them all.

[will-wtf]

How could I go about putting my face as the google logo? :) That would just be an entertaining thing to do anywhere

Thanks for all the reply's guys, added wpa to protect after the sound advice.. ;)

[digininja]

If he moves to another unencrypted network then you could look at airpwn from the metasploit framework. Now you are on WPA he is no longer travelling through your network so you can't do anything directly inline anymore

[will-wtf]

Could you elaborate on that a bit more? I watched something by paulDotCom but it just confused me a bit more... :S

[digininja]

Can't promise but I think this show has something about it on it http://revision3.com/hak5/hoboken